Introduction to Plugin Programming, WordCamp Miami 2011


Published on

An intro lecture on how to customize WordPress by writing your own plugins in PHP, whether for publication or just for your own projects.

Published in: Technology
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Introduction to Plugin Programming, WordCamp Miami 2011

  1. 1. PHP WordPressCustomizationWordCamp Miami 2011<br />Take the Good Parts, Then Bend It To Your Will<br />By David F. Carr<br /><br />
  2. 2. Self Introduction<br />Freelance writer, editor, and web consultant<br />Write for on cloud computing, technology for small to midsize businesses<br />Technology Editor for WebWeek / Internet World Magazine in1990s, Baseline Magazine 2001-2008<br />Webmaster for small businesses, community organizations, political campaigns<br />WordPress replaced a lot of custom hacks<br />Will mostly be talking about plugins to modify the behavior of the system <br />
  3. 3. Overview<br />Why start with WordPress?<br />A Plugin Is Just PHP, a Theme Is PHP/CSS<br />JavaScript / AJAX, too<br />Files, system load, and The Loop<br />Hooking into Filters and Actions<br />Customizing the admin screens<br />Customizing the front end<br />Creating a custom post type<br />Where to learn more<br />
  4. 4. When a Plugin Makes You Popular<br />
  5. 5. Why Start With WordPress?<br />Faster than starting from a clean sheet of paper (blank screen of code)<br />Content management for blogs, web pages<br />SEO friendly<br />Availability of vast array of free themes and plugins, plus commercial options<br />Lots of tutorial material<br />Strong developer community<br />
  6. 6. A Plugin Is Just PHP<br />
  7. 7. Anatomy of a Theme<br />Themes have a similar header in style.css.<br />Theme loads index.php (or page.php, single.php, archive.php) to execute “the loop.” Each also loads header.php, footer.php, and usually sidebar.php<br />
  8. 8. The Loop<br />
  9. 9. Globals and Lookup Functions<br />site_url()<br />admin_url()<br />content_url() or WP_CONTENT_URL<br />plugins_url() or WP_PLUGIN_URL<br />includes_url()<br />home_url()<br />WP_PLUGIN_DIR<br />WP_CONTENT_DIR<br />ABSPATH – directory including trailing /<br />None of the rest include trailing /<br />So $url = plugins_url() . /demo/report.php<br />
  10. 10. More Globals, Conditional Functions<br />Need to use global keyword at top of function to access<br />global $wpdb – database object<br />global $post<br />$post-ID, $post->post_type<br />global $current_user<br />$current_user->first_name<br />Conditional functions<br />is_user_logged_in()<br />is_single() or is_single(10)<br />is_page or is_page(10) or is_page('about_us')<br />is_admin() – is this an admin page?<br />
  11. 11. WordPress File Hierarchy<br />The wp-content directory has subdirectories for plugins and themes<br />The index.php in web root loads the system, loads activatedplugins and themes<br />Plugins: functionality<br />Themes: look and feel<br />functions.php – theme-specific behavior<br />
  12. 12. Hooking Into WordPress<br />Core WordPress API built around 2 kinds of hooks:<br />Filter hooks – intercept some bit of content, modify it, return it. Mostly UI but also some back end filters.<br />A filter on ‘the content’ modifies the content of a post.<br />A filter on ‘posts_orderby’ modifies the ORDER BY clause in the SQL for retrieving posts.<br />Action hooks – triggered by an event in WordPress initialization or loading of template files.<br />The ‘init’ action comes after database is loaded but before page display starts. Can be used to act on a $_POST, then redirect.<br />The ‘wp_header’ and ‘wp_footer’ actions called from header.php and footer.php output custom content<br />Other actions specific to admin screens, like ‘admin_menu’<br />
  13. 13. Key Actions Public Page<br />muplugins_loaded<br />plugins_loaded<br />setup_theme<br />load_textdomain<br />set_current_user<br />init<br />wp_loaded<br />parse_request<br />send_headers<br />parse_query<br />pre_get_posts<br />posts_selection<br />wp<br />template_redirect<br />wp_head<br />wp_enqueue_scripts<br />wp_print_styles<br />wp_print_scripts<br />loop_start<br />the_post<br />loop_end<br />get_sidebar<br />wp_footer<br />wp_print_footer_scripts<br />shutdown<br />
  14. 14. Sample Filters<br />wp_title (page title)<br />the_title (post title)<br />the_content<br />the_content_feed<br />the_excerpt<br />the_excerpt_rss<br />the_category<br />the_tags<br />the_time<br />the_date<br />the_weekday<br />comment_text<br />comment_save_pre<br />the_editor_content<br />wp_list_pages<br />save_post<br />wp_insert_post_data<br />login_redirect<br />cron_schedules<br />mce_css (rich text editor)<br />posts_request<br />posts_join<br />posts_orderby<br />posts_where<br />
  15. 15. Modifying Admin Screens<br />The Default Dashboard<br />
  16. 16. Custom Dashboard<br />
  17. 17. Custom Admin Menus<br />
  18. 18. Function to output menu page<br />
  19. 19. Admin Data Entry Page<br />
  20. 20. Nonce Security<br />Number used once<br />Make sure requests coming from authenticated user with unique code<br />$nonce= wp_create_nonce ('my-nonce');<br />wp_nonce_field("qday","qnonce") is the same as:<input type=“text” name=“qnonce” value=“<?=$nonce?>”><br />Test:<br />Code: if(wp_verify_nonce($_POST["qnonce"], "qday") )<br />
  21. 21. Catching $_POST at init / admin-init<br />
  22. 22. Process, Then Redirect<br />Separate UI from server processing<br />Helps avoid double-submit issues<br />Redirect with different parameters for success / failure<br />Exit after redirect<br />Similar pattern can be used for AJAX (echo json, then exit)<br />
  23. 23. Wrapper Functions For WP Database<br />Create a post with code using wp_insert_post<br />Retrieve and change settings using get_option and update_option<br />
  24. 24. Settings API<br />
  25. 25. The WordPress Database<br />
  26. 26. Database Programming with WordPress<br />Global $wpdb data access object<br />Get results with $wpdb->get_results<br />Get row with $wpdb->get_row<br />Format/quote SQL with $wpdb->prepare<br />
  27. 27. Insert / Update <br />Remember security<br />Check nonce<br />Filter values<br />Compensate for “magic quotes” with$postdata = array_map( 'stripslashes_deep', $_POST );<br />Use $wpdb->prepare to quote properly<br />Execute insert / update with $wpdb->query($sql)<br />
  28. 28. DB Programming Pitfalls<br />Forgetting to declare $wpdb as global<br />Use ARRAY_A parameter to get associative array from $wpdb->get_results or $wpdb->get_row if you want results to be accessible as $row["field_name"]<br />Default is object format $row->field_name<br />Use $wpdb->show_errors() to debug SQL<br />Return value from $wpdb->query is false on error, or number of rows affected (could be 0)<br />Test for error: if($return_value == false) echo ‘error’;<br />
  29. 29. Allow For Alternate Table Names<br />Default table names like wp_posts can have alternate prefixes, so use $wpdb->posts instead<br />Custom table $wpdb->prefix . "rsvpmaker"<br />
  30. 30. Shortcodes<br />Placeholder codes site editors can include in pages and posts<br />Standard:[embed][/embed]<br />Custom:[demotag title="Date" date="r"] Date in RFC822 Format [/demotag]<br />
  31. 31. Contact Form Example<br />Use a shortcode to display form<br />Process $_POST on ‘init’ then redirect<br />Use JavaScript jQuery library to enhance<br />
  32. 32. Enqueue Bundled / Custom JavaScript<br />Load scripts in right order with wp_enqueue_script<br />Register custom scripts, dependencies with wp_register_script<br />
  33. 33. jQuery and Friends<br />“No Conflict” mode so start with jQuery(document).ready(function($)<br />Warning: Textbook jQuery examples usually start with this shortcut:<br />$(document).ready(function()<br />
  34. 34. Live Example - RSVPMaker<br />
  35. 35. Creating a Custom Post Type<br />Add a content type that can use common editing controls but be organized separately<br />
  36. 36. Editing Screen With Custom Options<br />Standard formatting / uploading controls<br />Custom panels: add_meta_box<br />Process $_POST on save_post action<br />Save custom data: update_post_meta<br />
  37. 37. Custom Display for Custom Post Type<br />Filter ‘the_content’, check post type, look up and format dates for events, display form if is_single() otherwise show RSVP Now! button<br />
  38. 38. Summary<br />WordPress provides a foundation / framework<br />Create / customize themes to change look and feel<br />Download or create your own plugins to alter WordPress system behavior<br />Filters hooks alter content, return results<br />Action hooks triggered by initialization stages, function calls in theme templates, administration screen access<br />Create your own administration reports / data entry screens.<br />Use wrapper functions and $wpdb global to update DB<br />Use shortcodes, filters, output functions for JavaScript and CSS to enhance public website<br />
  39. 39. Follow Up<br />Email:<br />Recommended book:WordPressPlugin Development – Beginner’s Guide by Vladimir Prelovac<br />Presentation/Code/<br />Developer documentation<br />Forums<br />Mailing lists (wp-hackers etc.)<br />